Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/A5307E284CEF11F092F69C81C4F9AE02.roa
File: A5307E284CEF11F092F69C81C4F9AE02.roa (raw, json)
Hash identifier: BtYPWm6haSNi67HssCRHuMs+/2A6YgL6H+ZvBM2G+Lg=
Subject key identifier: 7E:C9:73:B0:41:D9:24:25:D6:FC:2F:87:19:D3:BA:42:41:41:07:E6
Certificate issuer: /CN=A91871C2/serialNumber=A9EABC2465116ED11D6C8CDAE2011237CF1F59DF
Certificate serial: 083C
Authority key identifier: A9:EA:BC:24:65:11:6E:D1:1D:6C:8C:DA:E2:01:12:37:CF:1F:59:DF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/A5307E284CEF11F092F69C81C4F9AE02.roa
Signing time: Sun 10 May 2026 09:15:34 +0000
ROA not before: Sun 10 May 2026 09:15:34 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 139009
IP address blocks: 14.1.100.0/24 maxlen: 24
14.1.101.0/24 maxlen: 24
14.1.102.0/23 maxlen: 23
14.1.102.0/24 maxlen: 24
14.1.103.0/24 maxlen: 24
103.126.150.0/24 maxlen: 24
103.161.168.0/23 maxlen: 24
202.173.120.0/22 maxlen: 22
202.173.120.0/23 maxlen: 23
202.173.120.0/24 maxlen: 24
202.173.121.0/24 maxlen: 24
202.173.122.0/23 maxlen: 23
202.173.122.0/24 maxlen: 24
202.173.123.0/24 maxlen: 24
2407:d40::/32 maxlen: 32
2407:d40::/36 maxlen: 36
2407:d40::/48 maxlen: 48
2407:d40:f::/48 maxlen: 48
2407:d40:100::/48 maxlen: 48
2407:d40:101::/48 maxlen: 48
2407:d40:102::/48 maxlen: 48
2407:d40:103::/48 maxlen: 48
2407:d40:106::/48 maxlen: 48
2407:d40:107::/48 maxlen: 48
2407:d40:108::/48 maxlen: 48
2407:d40:109::/48 maxlen: 48
2407:d40:10f::/48 maxlen: 48
2407:d40:114::/48 maxlen: 48
2407:d40:122::/48 maxlen: 48
2407:d40:126::/48 maxlen: 48
2407:d40:140::/48 maxlen: 48
2407:d40:142::/48 maxlen: 48
2407:d40:201::/48 maxlen: 48
2407:d40:202::/48 maxlen: 48
2407:d40:203::/48 maxlen: 48
2407:d40:204::/48 maxlen: 48
2407:d40:205::/48 maxlen: 48
2407:d40:206::/48 maxlen: 48
2407:d40:207::/48 maxlen: 48
2407:d40:208::/48 maxlen: 48
2407:d40:222::/48 maxlen: 48
2407:d40:8000::/48 maxlen: 48
2407:d40:8004::/48 maxlen: 48
2407:d40:8007::/48 maxlen: 48
2407:d40:8009::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/qeq8JGURbtEdbIza4gESN88fWd8.crl
rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/qeq8JGURbtEdbIza4gESN88fWd8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 19 May 2026 21:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2108 (0x83c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91871C2, serialNumber=A9EABC2465116ED11D6C8CDAE2011237CF1F59DF
Validity
Not Before: May 10 09:15:34 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=6a004cb5-329d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:df:89:de:67:91:7c:d8:0a:e8:94:7c:64:c5:
33:5e:86:f9:89:f5:9e:14:70:a6:f5:0e:ea:d3:f3:
40:6f:c2:09:d2:95:8c:bd:a3:21:bc:f4:50:ad:bd:
cc:e9:08:50:da:dc:8f:3b:cb:6e:c1:b2:e3:60:0a:
ad:af:2c:fb:64:1c:b4:44:7a:91:67:f5:52:c8:ef:
70:36:1f:58:a2:7c:29:9b:c0:54:13:a3:27:30:2c:
f5:fe:17:ad:58:e1:19:ea:95:4c:9d:22:2c:b1:6a:
9e:38:0c:94:d2:26:70:a4:69:1e:d7:08:a5:72:90:
c1:e5:2f:92:fb:15:33:7a:31:a2:76:4a:f0:e7:df:
99:c8:24:ae:4f:ab:78:97:ae:86:2d:53:33:6f:6f:
01:6d:85:fd:16:f0:af:b9:c9:50:b9:05:d9:5a:54:
24:16:93:4c:0b:57:d5:80:30:1e:d1:97:39:73:41:
1b:61:57:77:07:e6:30:28:a0:19:bf:ee:db:a0:8c:
20:e0:01:9e:87:f5:92:33:83:40:c0:3f:4a:17:32:
a5:c3:78:48:98:69:f1:67:0c:65:80:46:c8:9a:a8:
e7:a6:90:df:43:94:47:24:63:e1:2d:fd:ef:50:84:
14:ad:4e:34:eb:cd:04:63:0b:89:22:ac:56:0f:ef:
eb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C9:73:B0:41:D9:24:25:D6:FC:2F:87:19:D3:BA:42:41:41:07:E6
X509v3 Authority Key Identifier:
keyid:A9:EA:BC:24:65:11:6E:D1:1D:6C:8C:DA:E2:01:12:37:CF:1F:59:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/qeq8JGURbtEdbIza4gESN88fWd8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/A5307E284CEF11F092F69C81C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.1.100.0/22
103.126.150.0/24
103.161.168.0/23
202.173.120.0/22
IPv6:
2407:d40::/32
Signature Algorithm: sha256WithRSAEncryption
87:a6:d0:5d:2c:b4:c8:04:75:99:6d:56:53:be:07:98:65:62:
77:d0:8f:9b:7d:91:03:cf:f0:f7:ef:12:1d:72:0f:28:0c:c2:
0c:24:02:f5:f7:a6:67:12:e9:b4:ba:ed:ae:4c:6b:43:0c:88:
13:63:7a:52:81:b6:3d:30:a0:ad:a0:a1:de:72:b7:81:9e:8a:
05:8e:af:b2:e1:5f:ad:29:9f:be:d8:0d:98:93:a7:34:77:ba:
2e:71:47:48:d8:92:e8:77:95:76:b8:9c:5a:58:b6:3d:26:13:
5f:70:3a:da:66:29:92:69:53:d8:12:c5:2a:43:cc:51:11:4c:
a0:fe:c9:c2:7e:01:93:1b:a0:91:92:7f:96:e7:35:10:cd:57:
a5:b8:00:a9:28:d1:bc:4a:9a:09:15:22:46:a2:84:34:98:af:
fd:4e:79:1a:19:5c:67:9e:46:00:a1:fe:3b:cc:18:7b:78:a9:
5b:32:8d:f8:a1:34:d8:35:1e:86:13:11:b2:8f:07:af:e5:73:
4a:af:88:ea:2f:e7:48:7d:87:aa:51:bd:a9:45:7e:dd:d1:27:
e8:ce:5d:b6:a3:73:c5:59:47:9e:fa:8c:d4:9a:13:56:14:31:
a8:8a:0e:52:52:57:34:b8:2b:3e:be:12:88:62:97:6a:11:d4:
a4:9c:08:d7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgICCDwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODcxQzIxMTAvBgNVBAUTKEE5RUFCQzI0NjUxMTZFRDExRDZDOENEQUUyMDExMjM3
Q0YxRjU5REYwHhcNMjYwNTEwMDkxNTM0WhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02YTAwNGNiNS0zMjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs9+J3meRfNgK6JR8ZMUzXob5ifWeFHCm9Q7q0/NAb8IJ0pWMvaMhvPRQrb3M
6QhQ2tyPO8tuwbLjYAqtryz7ZBy0RHqRZ/VSyO9wNh9Yonwpm8BUE6MnMCz1/het
WOEZ6pVMnSIssWqeOAyU0iZwpGke1wilcpDB5S+S+xUzejGidkrw59+ZyCSuT6t4
l66GLVMzb28BbYX9FvCvuclQuQXZWlQkFpNMC1fVgDAe0Zc5c0EbYVd3B+YwKKAZ
v+7boIwg4AGeh/WSM4NAwD9KFzKlw3hImGnxZwxlgEbImqjnppDfQ5RHJGPhLf3v
UIQUrU40680EYwuJIqxWD+/r1wIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFH7Jc7BB
2SQl1vwvhxnTukJBQQfmMB8GA1UdIwQYMBaAFKnqvCRlEW7RHWyM2uIBEjfPH1nf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzFDMi9ERTYxNjY2ODU1
QTkxMUVCOTlBRkRBNURDNEY5QUUwMi9xZXE4SkdVUmJ0RWRiSXphNGdFU044OGZX
ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FlcThKR1VSYnRFZGJJemE0Z0VTTjg4ZldkOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODcxQzIvREU2MTY2Njg1NUE5MTFFQjk5QUZEQTVEQzRGOUFFMDIvQTUzMDdFMjg0
Q0VGMTFGMDkyRjY5QzgxQzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe
BAIAATAYAwQCDgFkAwQAZ36WAwQBZ6GoAwQCyq14MA0EAgACMAcDBQAkBw1AMA0G
CSqGSIb3DQEBCwUAA4IBAQCHptBdLLTIBHWZbVZTvgeYZWJ30I+bfZEDz/D37xId
cg8oDMIMJAL196ZnEum0uu2uTGtDDIgTY3pSgbY9MKCtoKHecreBnooFjq+y4V+t
KZ++2A2Yk6c0d7oucUdI2JLod5V2uJxaWLY9JhNfcDraZimSaVPYEsUqQ8xREUyg
/snCfgGTG6CRkn+W5zUQzVeluACpKNG8SpoJFSJGooQ0mK/9TnkaGVxnnkYAof47
zBh7eKlbMo34oTTYNR6GExGyjwev5XNKr4jqL+dIfYeqUb2pRX7d0Sfozl22o3PF
WUee+ozUmhNWFDGoig5SUlc0uCs+vhKIYpdqEdSknAjX
-----END CERTIFICATE-----
Generated at Wed May 13 02:43:58 2026 by rpki-client